Giving handhelds to 1,000 executives around the globe wasn't easybut it let Unilever establish its wireless policy from the ground up.

No Deviations on Security

Unilever decided that it was important to have a strict and consistent security policy. "BlackBerry's operating system has the best security features compared with other wireless e-mail vendors," Pescatore says. He notes that BlackBerry is a closed environment with a proprietary operating system. This allows information-technology managers to set default parameters so, for example, users won't be able to open attachments sent from their desktop, which cuts down on the number of viruses that may infect the company's network.

Unilever users are automatically prevented from installing any third-party applications on their BlackBerrys. The security settings also prevent the use of any other e-mail programs or browser services, which means all outbound e-mail and browser traffic is routed through the BlackBerry Enterprise Servers. Those servers use 128-bit encryption and are Secure Sockets Layer-compatible. Split-pipe connections are likewise prohibited, which means that applications running on the BlackBerry operating system can't open both internal and external connections to the Internet. This would allow a malicious application to surreptitiously collect data from inside the firewall and send it outside the firewall without any auditing.

The firewall monitors all traffic and checks if users are forwarding their e-mail to non-corporate accounts. "If we discover someone's doing this, we tell them to stop, because once we have e-mail passing from a home network through our corporate network it is unsecured," Farah explains.

No technology installation is without hiccups, however. After the pilot moved into production in September 2005, Unilever installed a BlackBerry Enterprise Server to process and encrypt messages in each of its Microsoft Exchange environments. It also instituted two security protections on the BlackBerry devices themselves:

 A time-out after 15 minutes idle; a user must then input his password again to regain access to e-mail or the phone.

 A lockout and complete wipe of the device after 10 password log-in attempts.

"I started to get a tremendous amount of pushback from executives who didn't want to enter the password when they were using the BlackBerry as a phone," Farah explains. To accommodate those users, the company's I.T. group allows them to carry a BlackBerry for data and either a cell phone or smart phone for voice. "One of the original business requirements was that executives could use the device for both voice and data; for some of the executives, we had to give up on that," he says.

The program has now been underway for almost two years, with a recurring annual cost of $70,000 and more than 450 executives enrolled. Another 550 executives will receive BlackBerrys this year. To date, there have been a few lost and stolen handhelds but no major security breaches, according to Farah.

This puts Unilever way ahead of the curve, Pescatore says: "What they're doing is above and beyond best practices."